About 17 days ago now, while I was searching something on Google, while using Google Chrome, a banner came up on the top of the web page (to clarify, the top of the Google search results, not as part of Chrome). I was, at the time, logged in to my Google account, on my Windows 10 machine. The banner had a blue shield icon in the top left corner, in the center, some text along the lines of "update your account for added security and transparency", and to the right, two blue buttons along the lines of "no thanks" and "tell me more". The banner actually used Google resources, it looked like something made by Google, and not cheap or fake looking at all. If I closed the search, the banner would go away, but would sometimes pop up again. I tried to see if it would pop up on another computer, my Mac, but it never seemed to.
I was a bit suspicious, and didn't want to click on the links, since they seemed so unprompted. A quick google search provided no information concerning any sort of account update, which made me more suspicious. The closest was a several year old post about adwords or adsense, which I don't use. Though I did try to get Google App Engine running, before I learned I had to pay for it, and backed out part way through the signup process. This also happened a day or two after an update for Kaspersky, during which Windows 10 warned me I was unprotected and that I should turn on Defender.
What I did so far
Worried that my system may have been compromised during the Kaspersky update, I did quite a bit:
- Logged out of anything currently logged in (i.e. GMail, Facebook, etc.)
- Reinstalled Kapsersky w/ a fresh download from Kaspersky's website, retrieved with a clean PC.
- Updated Chrome through Ninite
- Ran several full Kaspersky scans from Safe Mode
- Ran several scans from Avira Rescue disk
- Ran RKill (as iexplorer.exe), TDSSkiller, AdwCleaner, and HitmanPro
Hitman found some Tracking Cookies. Avira marked some files from the old Voxlap game engine I carried over from my old PC as trojans (though me and a friend discussed it, and it looks like Avira was being jumpy. The files were labeled "gen" trojans or something, apparently what Avira's heuristic detection labels suspected trojans, as a safety measure. Since the file didn't matter to me now, I deleted it while writing this post). Other than those, the scans were clean.
I think that summarizes what went on. With all the clean scans, it looks like I just jumped the gun. Maybe there was an account update for a regular old google account, with a (by my standards) needlessly vague prompt. There were prompts to update Chrome around then, and around the same time, a new blue shield icon appeared in the google apps toolbar in the Google search. However, the vague wording and lack of info worried me, and I'm worried something may be/have been on my PC, allowing fake popups to appear as part of some sort of phishing scam. Honestly, I just want some piece of mind. If this is bad, I don't want to have to uproot my PC, as depending on what I have to do, I might lose LOTS of data.
Thank you for your time, and I hope this is the right sub-forum for this particular situation.